[Top] [All Lists]

RE: I-D ACTION:draft-ietf-smime-pss-00.txt

2003-02-27 19:32:14


I agree that a comment on not using the same RSA key pair for both RSA
PKCS#1 v1.5 and RSA-PSS is a good idea and will insert this.

I do not believe that there is a strong argument for creating an
SMIMECapability for RSA-PSS, but would welcome comments from the list.
The reason that I don't believe that it is really needed is that the
worst that happens is you send a message to somebody and the recipient
cannot validate the signature.  However, I do not know of any MUAs that
look at SMIMECapabilities for sending signed messages.  This is not the
same problem as with encrypted mail where there is no way to see the
message if the client does not understand the content encryption

I am hesitant to try and address issues of hash sizes with any degree of
specifics.  Given the amount of arguments over
draft-orman-public-key-lengths-05.txt I don't want to follow the rat
down the hole.  Do you see any need for text beyond that in


-----Original Message-----
From: owner-ietf-smime(_at_)mail(_dot_)imc(_dot_)org 
[mailto:owner-ietf-smime(_at_)mail(_dot_)imc(_dot_)org] On Behalf Of 
Sent: Wednesday, February 26, 2003 9:32 AM
To: jimsch(_at_)exmsft(_dot_)com
Cc: ietf-smime(_at_)imc(_dot_)org
Subject: RE: I-D ACTION:draft-ietf-smime-pss-00.txt

Hi Jim,

I understand that this Internet Draft is much simpler than 
the one on the
use of RSA-OAEP under CMS since you are referring to a future 
PKIX RFC (i.e.

However, I would think it still needs to include a separate section on
SMIMECapabilities attribute conventions addressing the various hash
functions, and the section on security considerations should 
probably touch
on not using of the same RSA private key under both RSA PKCS 
#1 v1.5 and
RSA-PSS, and on the choice of hash function and key sizes.



-----Original Message-----
From: Internet-Drafts(_at_)ietf(_dot_)org 
Sent: Wednesday, February 26, 2003 9:02 AM
Cc: ietf-smime(_at_)imc(_dot_)org
Subject: I-D ACTION:draft-ietf-smime-pss-00.txt

A New Internet-Draft is available from the on-line Internet-Drafts
This draft is a work item of the S/MIME Mail Security Working 
Group of the

      Title           : Use of the PSS Signature Algorithm in CMS
      Author(s)       : J. Schaad
      Filename        : draft-ietf-smime-pss-00.txt
      Pages           : 5
      Date            : 2003-2-25
This document specifies the conventions for using the RSA 
Probabilistic Signature Scheme (RSASSA-PSS) digital signature 
algorithm [P1v2.1] with the Cryptographic Message Syntax (CMS) [CMS].

A URL for this Internet-Draft is:

To remove yourself from the IETF Announcement list, send a message to 
ietf-announce-request with the word unsubscribe in the body 
of the message.

Internet-Drafts are also available by anonymous FTP. Login 
with the username
"anonymous" and a password of your e-mail address. After logging in,
type "cd internet-drafts" and then
      "get draft-ietf-smime-pss-00.txt".

A list of Internet-Drafts directories can be found in 

Internet-Drafts can also be obtained by e-mail.

Send a message to:
In the body type:
      "FILE /internet-drafts/draft-ietf-smime-pss-00.txt".
NOTE: The mail server at can return the document in
      MIME-encoded form by using the "mpack" utility.  To use this
      feature, insert the command "ENCODING mime" before the "FILE"
      command.  To decode the response(s), you will need "munpack" or
      a MIME-compliant mail reader.  Different MIME-compliant 
mail readers
      exhibit different behavior, especially when dealing with
      "multipart" MIME messages (i.e. documents which have been split
      up into multiple messages), so check your local documentation on
      how to manipulate these messages.
Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the

<Prev in Thread] Current Thread [Next in Thread>